Cloud security issues: the real threats

64 percent of IT professionals believe that their data and applications are more secure in the cloud than in their legacy on-premises systems. As more and more businesses push services and storage to the cloud, that’s good news.

Far too many businesses fall victim to missteps when implementing their cloud strategy. According to IT research and advisory firm Gartner, by 2020 95 percent of cloud security failures will be the fault of the customer.

In this article, we’ll discuss 4 of the most important cloud security errors.

Authentication issues

Once your files are at rest in the public cloud, they should be fairly secure. The problem lies in determining that the correct users have access to them while keeping out unauthorized intruders.

For example, employees might use the same password for the cloud as they do for their email account. If a data breach exposes their email password, this password has become compromised. It doesn’t matter how much security Amazon and Microsoft add to their cloud servers. This is because savvy attackers will attempt to use this password for the user’s accounts on other websites. This could mean a giant backdoor into your cloud storage.

In order to lock down malicious actors, require employees to keep a unique password while on the job. You can also investigate systems such as multi-factor authentication. This method combines passwords with other authentication methods like security codes and fingerprints.

Cloud security misconfigurations

In September 2017, IT security researcher Chris Vickery discovered four Amazon Web Services cloud storage buckets that were unintentionally available to the public by consulting firm Accenture. These files contained highly confidential data including security certificates, decryption keys, and client information.

The Accenture incident is just one example of many. Cloud security configuration errors and mistakes can leave your company’s most sensitive data exposed. Organizations ranging from Dow Jones and Verizon to the U.S. Army Intelligence and Security Command have accidentally revealed files and information in the public cloud to anyone who would know where to look for them.

Lack of patching and visibility

Some of the most devastating data breaches in history, such as the 2017 Equifax attack that exposed the sensitive information of 143 million people, could have been entirely preventable. Attackers infiltrated the Equifax network by exploiting a vulnerability that had previously been patched months prior. For reasons of cloud security and compliance, you must keep your applications and hardware up-to-date at regular intervals.

Installing security updates is the provider’s responsibility when using the public cloud. However, customers are still obligated to do their homework and must choose the right cloud partner to begin with. In addition, mature public cloud providers like AWS offer tools such as CloudTrail and CloudWatch for clients to keep track of activities within their cloud environment.

Lack of backups

You might think that the cloud is already your backup for the files on your on-premises servers. As companies migrate more and more of their operations into the cloud, however, it’s highly worthwhile to have a disaster recovery solution such as storing your files with multiple providers—just in case.

The story of the code hosting service Code Spaces offers a cautionary tale here. When hackers gained access to the company’s cloud infrastructure in 2014, the attackers first attempted to extort money from them. They then deleted the vast majority of Code Spaces’ data, backups, and configurations. Because the attackers exploited this single point of failure, Code Spaces could not recover from this cyber disaster. They were shortly forced to go out of business.

Step 1 of 10

Do you have dedicated staff to support your AWS Cloud Initiatives?

What is the most senior level person you have on staff or are you looking to hire to support your AWS projects and on-going management? (Select One)

Senior AWS person*

DevOps Engineer with 2 or less years of experience

DevOps Engineer with 3 – 5 years of experience

DevOps Engineer with 6 + years of experience

Application Architect with 10+ years of experience

Existing Application Development Team (Shadow IT)

Do you have staff to manage your AWS environment around the clock, 24/7?

24/7*

Yes

No

Do you have a formal DevOps training process?

DevOps Training process*

Yes

No

Are you planning on following AWS best practices, such as the Cloud-Adoption-Framework as part of your migration strategy?

AWS Best Practices*

Yes

No

Do you have a formal DevOps training process?

Do you have a process for continuous improvement?

Development team’s performance*

Yes

No

Do you have a dedicated Project Manager/Scrum Master for your Cloud/DevOps projects?

Dedicated Project Manager*

Yes

No

How much time do you budget for hiring and training support or engineering employees? (select one)

Budget*

3

months

6

months

9+

months

How many servers are you looking to migrate to AWS? (select one)

Servers*

5-10 Servers

11-20 Servers

21-30 Servers

30+Servers

Result

Congratulations!

Based on your answers, you’re in great shape to start your AWS journey. We’re happy to supplement your efforts. Our team of expert resources can help you with migration questions, modernization needs, and 24/7 management of your applications once you’re running in AWS.

Based on your answers, you’ve got a good foundation in place to start your AWS journey. The good news is, we can help! And you can save time and money by focusing your team on business issues while we handle the cloud work faster and cheaper than in-house resources.

Based on your answers, you’re on the right track, and we can help you start your AWS journey. You may feel like you have a lot of work to do, but we can help with migration planning and deployment. With EPLEXITY you can get up and running on AWS faster, easier, and more affordably then you may have realized.

Accelerated migration to the AWS cloud

Many Customers need to ensure that their cloud environments are compliant with regulations (such as HIPAA, GDPR, ISO, or PCI) before they could start migrating applications and infrastructure. CXOS Managed AWS ensures compliance with the proper regulations as part of automated CXOS AWS landing zone deployment and on-going compliance management.

Additionally, The CXOS Design Library of production grade AWS Architectures are 100% automated leading to a reduction of time and cost by 80% associated with migrations. This saves our customers between $600-$1,200 per server migrated in Professional Services one-time fees.

Resource cost avoidance

Eliminating the need to hire new cloud resources yields on average $625,000 annually in cost savings. Running the project in-house is the alternative to CXOS-led cloud migration and management. For our customers, this would have required hiring the equivalent of a 4 - 10 FTEs (4 for 8X5 service and support\migration coverage vs minimum of 10 for 24/7) who possess cloud expertise and then keeping them on staff to run cloud operations postmigration. Leveraging CXOS to prepare for the migration and to take over operations saves our customers hundreds of hours of expensive resource time.

Optimized Resource Efficiency Gains

CXOS Managed AWS brings operational excellence, experience, expertise, and best practices, aligned with AWS Well-architected Standards that allowed our customers to achieve higher resource efficiency gains, focusing resources on higher business impacting activities than what it would have achieved on its own.

Improved organizational security

The average cost of an SMB data breach is now $117,000 per incident, according to a study of data breach costs at small to medium sized businesses performed by Kaspersky Labs. Working with CXOS Managed AWS Services often-times provides a major overall security benefit to our customers and reduces the chance of a major security breach, which can cause damage in the form of brand reputation, stock price, and cost of remediation efforts.

Gartner expects that through 2022, at least 95% of cloud security failures will be due to the customer’s improper configurations. CXOS Managed AWS adheres to rigorous security engineering standards, aligned to AWS Well Architected Security Pillar and performs monitoring and remediating of security incidents 24/7/365.

Cloud infrastructure management tooling

Creating or buying your own infrastructure management tools such as patch, update, support ticketing, security, or backup solutions leads to increased infrastructure costs. CXOS provided all necessary management tools. Our customers on average save an additional $73,000 annually on cloud infrastructure management tooling. Working with CXOS Managed AWS Services enables customers to avoid fees they would have paid if they led cloud operations on their own.

Reduced downtime

ITIC’s latest 2019 Server Reliability Survey, which polled over 1,000 businesses worldwide from November 2018 through January 2019, found that a single hour of downtime now costs 98% of firms at least $100,000. With CXOS Managed AWS Services running cloud operations, customers see higher uptime for their AWS Workloads due to improved patching compliance, a reduction in the number of major security incidents, and faster incident response. Higher uptime can also result in incremental revenue that the customers would not have recognized if they ran cloud operations on their own.